OWASP Global AppSec US 2021 has ended
Thursday, November 11 • 11:00am - 12:00pm
Metabadger: Automating IMDS Protection at Scale in AWS

Attackers have abused the AWS Instance Metadata Service (IMDS) in previous well-publicized breaches in AWS environments by finding applications that are vulnerable to Server-Side Request Forgery (SSRF) and obtaining privileged AWS credentials via the metadata service. AWS has since released v2 of IMDS to protect against SSRF. But how do you upgrade thousands of live EC2 instances across your AWS accounts without causing downtime?

Metabadger is an open source tool that we built at Salesforce that can help you rapidly and safely upgrade your EC2 instances to use IMDSv2 and prevent SSRF-based theft of EC2 Metadata Credentials. Using Metabadger, you can enforce IMDSv2 across your entire AWS account with a single command, specify exceptions, or investigate where and how you are using IMDSv2.

In this talk, we will walk through the different components of how the AWS Instance Metadata Service works. We'll provide security and operational recommendations to consider when upgrading to IMDSv2. We'll also dive into automation and enterprise architecture strategies for simplifying the process of migrating your AWS compute infrastructure to the updated and more secure IMDSv2.


Ashish Patel

Security Engineer
Ashish enjoys automating manual security hardening and letting the robots do the work for you. You'll often find him working on the challenges we come across in the cloud, application, and infrastructure security space. In his free time, he likes to blog about solving large scale...

Thursday November 11, 2021 11:00am - 12:00pm PST
